Password protection for computer docking station

ABSTRACT

Security is provided for a docking station. Within the docking station a docking password is stored. Upon a portable computer being attached to the docking station, a password stored in the portable computer is compared to the docking password. If the password stored in the portable computer is equal to the docking password, the portable computer is allowed to access the docking station. If the password stored in the portable computer is not equal to the docking password, the portable computer is prevented from accessing the docking station.

BACKGROUND

The present invention concerns docking stations for portable computersand pertains particularly to password protection for a computer dockingstation.

Generally a portable computer, such as a notebook computer, a laptopcomputer or a palm top computer, is optimized to reduce size and weight.This often requires tradeoffs, for example, in the size of the displayand keyboard, as well as the number and types of ports which areimplemented.

One way to increase the versatility of portable computers is to providefor a docking station. The docking station when connected to a portablecomputer provides for a number of different types of ports. These portsare used, for example, to drive a large monitor, communicate withvarious peripherals provide connection to a network, and so on. See forexample, U.S. Pat. No. 5,283,714 issued to Collins Tsai, et al, for“Docking Apparatus for a Portable Computer.”

The docking station may reside in a permanent location with portsconnected to various devices. When “at the office” a user can takeadvantage of the power of a full desktop computer by connecting theportable computer to the docking station. When “on the road” the userhas the advantage of a light weight and small sized personal computer.

Typically, a docking station can be accessed by any portable computerwith a matching interface. This however, can allow for a weakness insecurity. Particularly, any portable computer which is able to dock to adocking station can gain access to networks, storage devices such asdisk drives, printers, etc. which are attached to the docking station.In some environments such free access is undesirable.

One way to prevent access to a docking station is to use a mechanicallock which requires a physical key. When the docking station is not inused, the mechanical lock can be used to prevent unauthorized docking tothe docking station. In order to access the locked docking station usinga personal computer, a user is required to unlock the docking stationusing the physical key. However, some users may view this securitymethod as inconvenient. Further, in order to use this security method itis necessary to keep track of the physical key.

SUMMARY OF THE INVENTION

In accordance with the preferred embodiment of the present invention,security is provided for a docking station. Within the docking station adocking password is stored. Upon a portable computer being attached tothe docking station, a password stored in the portable computer iscompared to the docking password. If the password stored in the portablecomputer is equal to the docking password, the portable computer isallowed to access the docking station. If the password stored in theportable computer is not equal to the docking password, the portablecomputer is prevented from accessing the docking station.

In the preferred embodiment, a security activation flag is also storedwithin the docking station. When the security activation flag is true,the docking password is used as described above. When the securityactivation flag is not true, no security is implemented and upon aportable computer being attached to the docking station, the portablecomputer is allowed to access the docking station. Likewise, when thedocking password has a null value, security is not implemented and upona portable computer being attached to the docking station, the portablecomputer is allowed to access the docking station.

Also in the preferred embodiment, an administrator password activationflag is stored within the docking station. When the administratorpassword activation flag is true, this indicates that an administratorpassword is to be used as the password which is compared to the dockingpassword. When the administrator password activation flag is not true,this indicates that a user password is to be used as the password whichis compared to the docking password. However, when the administratorpassword activation flag is not true and the user password has a nullvalue, the administrator password is used as the password which iscompared to the docking password.

The present invention allows for simple, elegant and automatic way toprovide protection for a docking station. The protection does notrequire a user or administrator to utilize a separate password.Additionally there is no physical key of which there is a need to keeptrack.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a simplified illustration of a portable computer and a dockingstation.

FIG. 2 is a simplified illustration which portrays the portable computerand the docking station shown in FIG. 1 in a docked position.

FIG. 3 is a simplified block diagram which shows various flags andpasswords stored in the portable computer and the docking station shownin FIG. 1, in accordance with a preferred embodiment of the presentinvention.

FIG. 4 is a flowchart which illustrates how the various flags andpasswords stored in the portable computer and the docking station shownin FIG. 1 are used to provide security to the docking station inaccordance with a preferred embodiment of the present invention.

FIG. 5 and FIG. 6 are flowcharts which illustrate how the various flagsand passwords stored in the portable computer and the docking stationare changed in accordance with a preferred embodiment of the presentinvention.

DESCRIPTION OF THE PREFERRED EMBODIMENT

FIG. 1 shows a docking station 41 which provides for communication witha portable computer 40.

FIG. 2 shows portable computer 40 in a docked position with dockingstation 41. In FIG. 2, the back side of docking station 41 is shown toinclude, for various ports, a physical connector 31, a physicalconnector 32, a physical connector 33, a physical connector 34, aphysical connector 35 and a physical connector 36. A physical connector37 for power is also shown.

Physical connectors 31 through 36 are illustrative physical connectorsfor various types of ports which may include, for example, one or moreserial ports, parallel ports, PS/2 ports, universal serial bus (USB)ports, network connection/port or some other combination of standard ornon-standard ports used in conjunction with a personal computer.

The present invention prevents docking station 41 (and thus devicesattached to physical connectors 31 through 36) from being accessed byportable computer 40 unless portable computer 40 has been authorized touse docking station 41. FIG. 3 shows various flags and passwords storedin portable computer 40 and docking station 41 in order to implementthis security feature.

FIG. 3 shows an administrator (or supervisor) password (ADMINPWD) 51 anda user password (USERPWD) 52 stored in non-volatile memory (such as anEEPROM) within portable computer 40.

Administrator password 51 is used by a system administrator to protectportable computer 40 from unauthorized configuration changes by the enduser. If the user of portable computer 40 is also the administrator,administrator password 51 may also be used instead of user password anduser password 52 can be left blank (NULL).

User password 52 is used by the user of portable computer 40 to preventunauthorized access to portable computer 40. For example, user password51 must be entered into portable computer 40 before portable computerwill allow access to information and programs stored on personalcomputer 40.

Administrator password 51 may be entered whenever user password 52 isrequested. In a typical system the administrator can configure thesystem to require entry of administrator password 51 before allowingportable computer 40 to undock from docking station 41.

For more information on use of administrator passwords and userpasswords, see for example, HP OmniBook 800 User's Guide, 1996 availableon the internet at http://www.hp.com/go/omnibook or from Hewlett-PackardCompany, Mobile Computing Division, 1000 N. E. Circle Blvd., Corvallis,Oreg. 97330.

While use of administrator password 51 and user password 52, asdescribed above, protects portable computer 40 from unauthorized accessand protects portable computer 40 from unauthorized removal from dockingstation 41, such use of administrator password 51 and user password 52does not protect devices connected to docking station 41 from beingaccessed by inserting into docking station 41 a different portablecomputer of the same kind as portable computer 40.

To prevent the unauthorized use of docking station 41, a dockingpassword (DOCKPWD) 55 is stored in non-volatile memory (such as anEEPROM) within docking station 41. When security for docking station 41is activated, portable computer 40 (or any other portable computer) isnot allowed access to docking station 41 unless docking password 55matches administrator password 51 or user password 52.

In the preferred embodiment, a security activation flag (NEEDDOCKPWD) 53is stored in non-volatile memory within docking station 41. Whensecurity activation flag 53 is true, this indicates that security fordocking station 41 has been activated and that no portable computer isallowed access to docking station 41 unless docking password 55 matchesan administrator password or a user password stored in the portablecomputer, as further described below. When security activation flag 53is false, this indicates that security for docking station 41 has beendeactivated and that a portable computer can have access to dockingstation 41 without requiring a match for docking password 55.

Also in the preferred embodiment, an administrator password activationflag (DOCKPWDADMIN) 54 is also stored in non-volatile memory withindocking station 41. When administrator password activation flag 54 istrue, this indicates that when security for docking station 41 has beenactivated, no portable computer is allowed access to docking station 41unless docking password 55 matches the administrator password stored inthe portable computer. When administrator password activation flag 54 isfalse, this indicates that when security for docking station 41 has beenactivated, no portable computer is allowed access to docking station 41unless docking password 55 matches the user password stored in theportable computer. In the case where the user password is null andadministrator password activation flag 54 is false, no portable computeris allowed access to docking station 41 unless docking password 55matches the administrator password stored in the portable computer.

The presence of administrator password activation flag 54 accomplishesthe goal of allowing groups of portable computers to access a singleshared docking station. When administrator password activation flag 54is true, this allows any portable computer with a matching administratorpassword to use docking station 41. Each such portable computer is ableto utilize docking station 41 while still retaining a unique userpassword.

FIG. 4 is a flowchart which illustrates how the various flags andpasswords stored in portable computer 40 and docking station 41 are usedto provide security to docking station 41. In the embodiment shown inFIG. 4, the described flowchart is performed in portable computer 40,for example using a processor 56 shown in FIG. 3. In an alternativeembodiment of the present invention, the flowchart may be performedwithin docking station 41 using a processor 57 shown in FIG. 3.

The docking password handling routine is entered in a step 61. In a step62, security activation flag (NEEDDOCKPWD) 53 and administrator passwordactivation flag (DOCKPWDADMIN) 54 are fetched from docking station 41.

In a step 63 a check is made to see if security activation flag(NEEDDOCKPWD) 53 is true. If in step 63 security activation flag(NEEDDOCKPWD) 53 is false, in a step 71, docking station 41 is enabled.

If in step 63 security activation flag (NEEDDOCKPWD) 53 is true, in astep 64, docking password (DOCKPWD) 55 is fetched from docking station41.

In a step 65 a check is made to see if docking password (DOCKPWD) 55 isNULL. If in step 65 docking password (DOCKPWD) 55 is NULL, in step 71,docking station 41 is enabled.

If in step 65 docking password (DOCKPWD) 55 is not NULL, in a step 66, acheck is made to see if administrator password activation flag(DOCKPWDADMIN) 54 is true. If in step 66, administrator passwordactivation flag (DOCKPWDADMIN) 54 is true, a step 67 is skipped.

If in step 66, administrator password activation flag (DOCKPWDADMIN) 54is not true, in step 67, a check is made to see if user password(USERPWD) 52 is null. If in step 67, password (USERPWD) 52 is null, in astep 68 a check is made to see if administrator password (ADMINPWD) 51is equal to docking password (DOCKPWD) 55.

If in step 68 administrator password (ADMINPWD) 51 is equal to dockingpassword (DOCKPWD) 55, in step 71 docking station 41 is enabled. If instep 68 administrator password (ADMINPWD) 51 is not equal to dockingpassword (DOCKPWD) 55, in a step 70 docking station 41 is not enabled.

If in step 67, password (USERPWD) 52 is not null, in a step 69 a checkis made to see if user password (USERPWD) 52 is equal to dockingpassword (DOCKPWD) 55.

If in step 69 user password (USERPWD) 52 is equal to docking password(DOCKPWD) 55, in step 71 docking station 41 is enabled. If in step 69user password (USERPWD) 52 is not equal to docking password (DOCKPWD)55, in step 70 docking station 41 is not enabled.

In order to maintain coherence between docking password 55 and anassociated password within portable computer 40, when the associatedpassword in portable computer 40 is updated, docking password 55 must beupdated as well. For example, when administrator password activationflag 54 is true, when administrator password 51 is updated, then dockingpassword 55 is updated as well. Likewise, when administrator passwordactivation flag 54 is false, when user password 52 is updated, thendocking password 55 is updated as well.

Coherence between docking password 55 and an associated password withinportable computer 40 is best maintained by changing the associatedpassword only when portable computer 40 is docked to docking station 41.

FIG. 5 is a flowchart which illustrates how user password (USERPWD) 52is changed.

The user password set-up routine is entered in a step 81. In a step 82 acheck is made to see if the current value of user password (USERPWD) 52is NULL. If not, in a step 83 a password is received from a user of theuser password set-up routine. In a step 84, a check is made to see ifthe password received from the user is equal to user password (USERPWD)52.

If in step 83, the password received from the user is equal to userpassword (USERPWD) 52, or if in step 82 the current value of userpassword (USERPWD) 52 is NULL, the user password set-up routine proceedsto a step 85. In step 85, the user can change the value of user password52. As illustrated by a step 86, the user password set-up routine waitsfor the user to indicate changes are complete (e.g., by selecting an OKbutton in a user set-up window) before proceeding to a step 87.

In step 87 a check is made to see if security activation flag(NEEDDOCKPWD) 53 is true. If in step 87 security activation flag(NEEDDOCKPWD) 53 is not true, in a step 90, the user password set-uproutine is exited.

If in step 87 security activation flag (NEEDDOCKPWD) 53 is true, in astep 88 a check is made to see if administrator password activation flag(DOCKPWDADMIN) 54 is true. If in step 88 administrator passwordactivation flag (DOCKPWDADMIN) 54 is true, then in step 90, the userpassword set-up routine is exited.

If in step 88 administrator password activation flag (DOCKPWDADMIN) 54is not true, in a step 89, docking password (DOCKPWD) 55 is set equal touser password (USERPWD) 52. Then in step 90, the user password set-uproutine is exited.

FIG. 6 is a flowchart which illustrates how administrator password(ADMINPWD) 51 is changed.

The administrator password set-up routine is entered in a step 91. In astep 92 a check is made to see if the current value of administratorpassword (ADMINPWD) 51 is NULL. If so, in a step 93 a password isreceived from a user of the administrator password set-up routine. In astep 94, a check is made to see if the password received from the useris equal to administrator password (ADMINPWD) 51.

If in step 94, the password received from the user is equal toadministrator password (ADMINPWD) 51, or if in step 92 the current valueof administrator password (ADMINPWD) 51 is NULL, the administratorpassword set-up routine proceeds to a step 95. In step 95 anadministrator set-up window allows the administrator to change thevalues of administrator password 51, security activation flag 53 and/oradministrator password activation flag 54. As illustrated by a step 96,the administrator password set-up routine waits for the administrator toindicate changes are complete (e.g., by selecting an OK button in theadministrator set-up window) before proceeding to a step 97.

In step 97 a check is made to see if security activation flag(NEEDDOCKPWD) 53 is true. If in step 97 security activation flag(NEEDDOCKPWD) 53 is not true, in a step 100, the administrator passwordset-up routine is exited.

If in step 97 security activation flag (NEEDDOCKPWD) 53 is true, in astep 98 a check is made to see if administrator password activation flag(DOCKPWDADMIN) 54 is true. If in step 98 administrator passwordactivation flag (DOCKPWDADMIN) 54 is true, in a step 101, dockingpassword (DOCKPWD) 55 is set equal to administrator password (ADMINPWD)51. Then in step 100, the administrator password set-up routine isexited.

If in step 98 administrator password activation flag (DOCKPWDADMIN) 54is not true, in a step 102, a check is made to see if user password(USERPWD) 52 is equal to NULL. If in step 102, user password (USERPWD)52 is equal to NULL, in a step 99 docking password (DOCKPWD) 55 is setequal to administrator password (ADMINPWD) 51. Then in step 100, thepassword set-up routine is exited. If in step 102, user password(USERPWD) 52 is not equal to NULL, in step 100, the password set-uproutine is exited.

The foregoing discussion discloses and describes merely exemplarymethods and embodiments of the present invention. As will be understoodby those familiar with the art, the invention may be embodied in otherspecific forms without departing from the spirit or essentialcharacteristics thereof Accordingly, the disclosure of the presentinvention is intended to be illustrative, but not limiting, of the scopeof the invention, which is set forth in the following claims.

I claim:
 1. A method for providing security to a docking stationcomprising the following steps: (a) storing a docking password withinthe docking station; (b) upon a portable computer being attached to thedocking station, performing the followings substeps: (b.1) comparing apassword stored in the portable computer to the docking password, (b.2)if the password stored in the portable computer is equal to the dockingpassword, allowing the portable computer to access the docking station,and (b.3) if the password stored in the portable computer is not equalto the docking password, preventing the portable computer from accessingthe docking station; and, (c) storing an administrator passwordactivation flag within the docking station; wherein substep (b.1)includes the followings substeps: (b.1.1) using an administratorpassword as the password which is compared to the docking password whenthe administrator password activation flag is true, and (b.1.2) using auser password as the password which is compared to the docking passwordwhen the administrator password activation flag is not true.
 2. A methodas in claim 1 additionally comprising the following steps: (d) storing asecurity activation flag within the docking station; wherein step (b) isperformed when the security activation flag is true; and, wherein whenthe security activation flag is not true, performing the following stepinstead of step (b): (e) upon a portable computer being attached to thedocking station, allowing the portable computer to access the dockingstation.
 3. A method as in claim 1 wherein in substep (b.1.2), when theadministrator password activation flag is not true and the user passwordhas a null value, using the administrator password as the password whichis compared to the docking password.
 4. A method as in claim 1 whereinwhen in step (a) the docking password has a null value, performing thefollowing step instead of step (b): (d) upon a portable computer beingattached to the docking station, allowing the portable computer toaccess the docking station.
 5. Storage media which stores a softwareprogram which, when executed, performs a method comprising the followingstep: (a) upon a portable computer being attached to a docking station,performing the followings substeps: (a.1) obtaining a docking passwordstored in the docking station, (a.2) comparing a password stored in theportable computer to the docking password, (a.3) if the password storedin the portable computer is equal to the docking password, allowing theportable computer to access the docking station, and (a.4) if thepassword stored in the portable computer is not equal to the dockingpassword, preventing the portable computer from accessing the dockingstation; wherein substep (a.1) comprises the following substep: (a.1.1)obtaining an administrator password activation flag from within thedocking station; and, wherein substep (a.2) includes the followingssubsteps: (a.2.1) using an administrator password as the password whichis compared to the docking password when the administrator passwordactivation flag is true, and (a.2.2) using a user password as thepassword which is compared to the docking password when theadministrator password activation flag is not true.
 6. Storage media asin claim 5 wherein in substep (a.2.2), when the administrator passwordactivation flag is not true and the user password has a null value,using the administrator password as the password which is compared tothe docking password.
 7. Storage media as in claim 5 wherein substep(a.1) additionally comprises the following substeps: (a.1.2) obtaining asecurity activation flag from within the docking station; and, (a.1.3)when the security activation flag is true proceeding to perform substep(a.2), substep (a.3) and substep (a.4); wherein when the securityactivation flag is not true, performing the following substep instead ofsubstep (a.2), substep (a.3) and substep (a.4): (a.5) allowing theportable computer to access the docking station.
 8. Storage media as inclaim 5 wherein when in substep (a.1) the docking password has a nullvalue, performing the following substep instead of substep (a.2),substep (a.3) and substep (a.4): (a.5) allowing the portable computer toaccess the docking station.
 9. A docking station comprising: storagemeans for storing a docking password within the docking station; and,protection means for, upon a portable computer being attached to thedocking station, comparing a password stored in the portable computer tothe docking password, the protection means allowing the portablecomputer to access the docking station when the password stored in theportable computer is equal to the docking password, and the protectionmeans preventing the portable computer from accessing the dockingstation when the password stored in the portable computer is not equalto the docking password; wherein the storage means is additionally forstoring an administrator password activation flag within the dockingstation; wherein the protection means uses an administrator password asthe password which is compared to the docking password when theadministrator password activation flag is true; and, wherein theprotection means uses a user password as the password which is comparedto the docking password when the administrator password activation flagis not true.
 10. A docking station as in claim 9, when the administratorpassword activation flag is not true and the user password has a nullvalue, the protections means uses the administrator password as thepassword which is compared to the docking password.
 11. A dockingstation as in claim 10 wherein when the docking password has a nullvalue, the protection means allows the portable computer to access thedocking station without comparing the password stored in the portablecomputer to the docking password.
 12. A docking station as in claim 9:wherein the storage means is additionally for storing a securityactivation flag within the docking station; and, wherein when thesecurity activation flag is not true the protection means allows theportable computer to access the docking station without comparing thepassword stored in the portable computer to the docking password.